Klarna Docs - 2.2: Get authorization

2.2: Get authorization

Now that your customer selected Klarna to pay, let's get the purchase authorized.

When your customer selects Klarna to pay, you need to use our JavaScript SDK to get authorization for the purchase.

In this step, you send all the necessary customer details for Klarna to assess and decide whether or not to accept this purchase. When the authorization is successful, you receive an authorization token as a response, useful for Step 3: Create an order.

The authorization is possible through the authorize() call happening on the client side.

The following information is useful for both scenarios, one-time and recurring payments.

Get authorization for the purchase by using the authorize() call. Add the following parameters:

  • billing_address, containing the details of the address for billing. This is a required parameter
  • shipping_address, containing the details of the address for shipping. This is an optional parameter.
  • payment_method_categories, containing an array that lists the Klarna payment methods for this purchase (from the ones you received in the Initiate a payment response and used in the load() call).

You may send one or more categories in your request, these are specified in name. Whereas identifier usually has the value of klarna. For one category, the used parameter is the payment_method_category. We accept both payment_method_categories with an array, and payment_method_category, with a string.

We recommend you to call authorize() using a full request (like in the example) to ensure you're sending us complete and updated information the information is up to date.

If you do not provide a shipping address, we duplicate the billing address and use it as the shipping address.

       "asset_urls": {},
       "identifier": "klarna",
       "name": "Pay with Klarna"
  purchase_country: "US",
  purchase_currency: "USD",

Sample of the authorize() call for the US market.

In some cases, Klarna requires additional information about the customer and purchase. We recommend you send it in the authorize() call. For more information, see the Extra merchant data section.

For GDPR (General Data Protection Regulation) reasons, you should not send customer data before the authorize() call.

Klarna uses all this information to make the risk assessment. To see what data you need per market and how to format it, check the Customer data requirements.

During the authorize() call and until you receive the callback, Klarna runs a purchase flow that includes a risk assessment. You need to visually indicate to your customer that an ongoing process is happening. For a better user experience, we suggest:

  • avoiding another authorize() call (for example, disable the buy button)
  • showing your customer that the order is in progress (for example, show a loading spinner)
  • preventing your customer from changing the order or billing details (for example, lock the input fields on your page).

After processing the authorize() call, the callback function is executed. The Javascript callback is an object containing the following parameters:

  • approved, containing the authorization result. It's a boolean value that indicates approved or denied.
  • show_form, showing the availability of Klarna as a payment option. It's a boolean value that indicates displayed or hidden.
  • authorization_token, containing the token that allows you to place the order. This is only returned if it's an approved authorization.
  • error, containing details of potential error messages.

The following table lists the combination of values in the response.

FALSEFALSEDisable Klarna as a payment option and pre-select another payment method.
TRUEFALSEDisplay Klarna as a payment option and show the error message to the customer. Let the consumer change details and try again.
TRUETRUESuccess and redirect the customer to the next view.

There are three potential cases that you need to handle based on the response:

  • Success response: The purchase is approved.
  • Fixable error response: The customer needs to adjust and try again.
  • Error response: The purchase is not approved and you can't display Klarna as a payment option.

Success response

If the response is approved: true, Klarna has approved the authorization for this purchase.

The authorization_token allows you to create an order for both scenarios, recurring and one-time payments. The token is valid for 60 minutes.

authorization_token: "b4bd3423-24e3",
approved: true,
show_form: true

Sample of a success response.

We suggest you store the authorization_token in a hidden form field and send it to the backend with the submission button (for example, the Buy button).

Fixable error response

If the response is show_form: true, but comes with an error object containing invalid_fields, something fixable is wrong and the customer needs to take action. An error message is displayed asking the customer to make corrections before you re-authorize the purchase. The error message points out which fields are incorrect.

It's also possible that the response is approved: false and show_form: true, but the callback doesn't include error. This means the customer has terminated a required interaction in the widget, such as authentication or sign-up flows. In this case, you should keep Klarna visible so that the customer can make another purchase attempt.

approved: false,
show_form: true,
error: {
  invalid_fields: [

Sample of a fixable error response.

We suggest you use the error message in the callback object to highlight a specific input field on your page.

Error response

If the response is show_form: false, your store is not able to offer Klarna as a payment option. You should disable Klarna from your checkout, and your customer might select another payment method.

This negative response results from the pre-assessment that Klarna executes for the purchase.

approved: false,
show_form: false

Sample of an error response.

In addition to the client-side Javascript callback, it's also possible to receive the authorization token as a callback to a specific URL. For more details, see the Authorization callbacks section.